1. Field of the Invention
Methods and apparatuses consistent with the present invention relate to providing secure communication between devices in a home network, and more particularly, to managing authentication information in a home network, which functions to provide secure communication between a control device and a controlled device.
2. Description of the Related Art
Due to the development of home networks, an existing personal computer (PC)-centered network environment in the home has expanded into a network environment which includes electronic devices using various lower network technologies. In this regard, there was a necessity to develop a technology that can network the electronic devices with a unified system by using Internet Protocol (IP) protocol, thus, a home network middleware technology such as Universal Plug and Play (UPnP) technology has been presented.
The UPnP technology is based on a distributed and open networking architecture, and allows peer-to-peer networking of each electronic device in a home network, without central administration.
In general, in home network middleware, a controlled device such as a UPnP device can model its service into actions and state variables, and a control device such as a UPnP Control Point (CP) can automatically discover the controlled device and then use the service.
In order to configure a home network, a security system must be built to prevent a device from being manipulated by an external intruder. The UPnP technology provides an UPnP security console standard and an UPnP device security standard so as to present a security function between a CP and the device. The standards provide security functions such as discrimination of an UPnP control message, integrity, and authentication.
Wi-Fi Protected Setup (WPS) is a standard for easy and secure establishment of a wireless home network, and is presented by the Wi-Fi Alliance. The goal of the WPS is to simplify the process of connecting a home device to a wireless network, and to protect a home network from an external attack. A mandatory model among WPS models is a Product Identification Number (PIN) method which arranges the input of a serial number of a new device to Registrar of a network so as to start a security session, wherein the serial number is allocated to the new device at the time of manufacture. The security session is composed of eight Extensible Authentication Protocol (EAP) messages.
Also, Transport Layer Security (TLS) is the Internet Engineering Task Force (IETF) standard aiming to provide end-to-end security on a transport layer. End-to-end authentication is provided by a public key algorithm and an X.509 public key certificate. End-to-end confidentiality is provided by a secret key (a session key) shared by using the Handshake Protocol. Also, end-to-end integrity is provided by a message authentication code (MAC).